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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 
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- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1704(b). 

Status 

1 )S Responsive to communication(s) filed on 07 November 2006 . 
2a)[EI This action is FINAL. 2b)D This action is non-final. 

3) 0 Since this application is in condition for allowance except for formal nnatters, prosecution as to the nnerits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) \Z\ Claim(s) is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) \Z\ Claim(s) is/are allowed. 

6) K1 Claim(s) 1-20, 22-26 and 30 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10)0 The drawing(s) filed on is/are: a)0 accepted or b)0 objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction Is required if the drawing(s) is objected to. See 37 CFR 1 .121 (d). 
1 1 )0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 1 19 

12)0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)0 All b)a Some * c)0 None of: 

1 -O Certified copies of the priority documents have been received. 

2.0 Certified copies of the priority documents have been received in Application No. . 

3.0 Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . The Amendment, and remarks therein, received on 1 1/07/06 have been entered and 
carefully considered. 

2. The text of those sections of Title 35, U.S. Code not included in this action can be 
found in a prior office action. 

Response to Amendment 

3. The amendments addressed the objections and applicant remarks addressed the 35 
use § 1 12 rejections cited in the previous Office Action that as a result have been 
withdrawn. 

4. Applicant's remarks are essentially directed towards the limitation: "a learning 
component that determines anticipated authentication challenges to resource 
requests from applications based on responses generated during previous resource 
requests by applications". Applicant alleges that neither Wu, Hamilton, Michel nor 
Lafer disclose the presence of such a component. 

5. Applicant's remarks have been carefully considered but not found persuasive. It 
appears that applicant search for challenge requests in each of the cited references. 
Instead, Wu discloses the main concept of the authentication challenge responses to 
resource requests, and caching (as illustrated by Hamilton, Michel and Lafer) 
enhances the Wu reference with anticipation of responses to requests in order to 
satisfy the request process more efficiently. 

6. As disclosed in the previous Office Action, Wu in view of Hamilton, Michel or Lafer 
clearly disclose deterministic anticipation authentication challenges to resource 
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requests from applications based on responses generated during previous resource 
requests by applications. Specifically Wu teaches challenges to resource requests 
from applications (Wu et al., Fig. 1, col. 9 lines 47-col. 10 line 2), and Hamilton, 
Mchiel and Lafer clearly suggest that old and well known in the art of computing 
cache is a clear indication of the concept of a learning component that determines 
anticipated responses to requests. In paragraph 9 of the previous Office Action, the 
examiner disclosed the concept using Michel and Lafer references that clearly 
disclose presence of learning components that determines anticipated requests 
based upon learning during previous resource requests. (For example, in coL 3 
lines 56-58 Lafer discloses process of learning that determines anticipated response 
to a resource request from application (is the requested HTML page in the cache?)) 
Similarly, the Hamilton reference clearly discloses the presence of learning 
components that determines anticipated responses to requests based upon previous 
resource requests (e.g. Hamilton, pg. 1). Wu reference has been combined with 
Hamilton, Michel or Lafer and in paragraph 9 of the Previous Office Action) the 
examiner provided the motivation to combine these references. 
As a result Wu in view of Hamilton, Michel and Lafer clearly disclose deterministic 
anticipation authentication challenges to resource requests from applications based 
on responses generated during previous resource requests by applications. 

7. Claims 1-20, 22-26 and 30 have been examined. 

Claim Rejections - 35 USC § 103 
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8. Claims 1-5, 13, 16-18 and 30 remain rejected under 35 U.S.C. 103(a) as being 
obvious over \Nu et al. (U.S. Patent No. 5774551) in view of Laferet al. (U.S. Patent 
No. 6192382). 

As per claims 1,16 and 30 Wu et al. teach employing a component implemented on 
a computer readable medium to accept an authentication challenge and passing a 
first data associated with the authentication challenge to an authentication manager 
(Wu et al., Fig. 7, col. 9 lines 47-col. 56). Wu et al. teach that the authentication 
manager processes the first data into second data of a first type appropriate for a 
first authentication module, and that the authentication manager processes the first 
data into second data of a second type appropriate for a second authentication 
module, the first and second authentication modules having different requirements 
for the second data and passing at least one of the second data associated with the 
authentication challenge to one or more authentication modules, where the 
authentication modules are registered with the authentication manager, and where 
the authentication modules are operatively connected to the authentication manager 
(Wu et al., col. 9 lines 63-67). The authentication modules are registered with the 
authentication manager (Wu et al., col. 9 lines 52-56) and produce one or more 
responses to the authentication challenge (Wu etai, col. 9 lines 67-col. 10 line 2). 

9. As per claims 13 and 18 Wu etal. teach that the authentication challenge is 
generated by at least one of a Kerberos authentication system, a digest 
authentication system, a Basic authentication system, an NTLM authentication 
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system and a certificate based authentication system (Wu et al., col. 2 lines 1-43) 
and it is a multipart authentication challenge (Wu et ai, col. 9 lines 65-67). 
10. Wu et al. does not teach determining anticipated responses (authentication 
challenge) to resource requests based upon run-time learning during previous 
resource requests by applications. 

Later et al. (coL 3 lines 56-58), implements anticipating responses to resource 
requests from applications based upon run-time learning during previous resource 
requests by applications. 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to incorporate determining anticipated responses to resource requests 
from applications based upon run-time learning during previous resource requests 
by applications as taught by Later et al. given the benefit of increased performance 
and decreased response time to requests. 

1 1 .The examiner points out that teaching of Later et al. is an illustration of an old and 
well-known concept of caching (see previous Ottice Action for additional examples, 
in particular Michel [24] or Hamilton). 

12. Claims 6-7, 22-23 and 26 remain rejected under 35 U.S.C. 103(a) as being 

unpatentable over Wu et al. (U.S. Patent No. 5774551) in Later et al. (U.S. Patent 
No, 6192382) and further in view'of Travis et al. (U.S. Patent No. 6269367). 
As per claims 3-5 and 7 and 23 Wu et al. teach multipart authentication generated 
by at least one of a Kerberos authentication system, a digest authentication system, 
a Basic authentication system, an NTLM authentication system and a certificate 
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based authentication system and producing a set of third data as discussed above 
and teach that the authentication modules employ one or more services (Wu et al., 
col. 21 lines 10-23). 

13. Furthermore, claims 6, 22 and 26 essentially refer to a pre-step of a previously 
discussed authentication, wherein instead of receiving, processing and responding 
to data associated with the communication challenge. The test is conducted and 
wherein test data received by the authentication manager triggers "pre- 
authentication procedures" that are essentially the same as the authentication 
procedures. Although, Wu et aL do not explicitly discuss test procedures, 
conducting tests prior to implementation of a system is old and well-known practice 
as shown by Travis et al. (col. 2 lines 20-41) giving a benefit of addressing and 
avoiding potential problems prior to the system's live implementation. 

14. Claims 8-12. 14-15, 19-20 and 24-25 remain rejected under 35 U.S.C. 103(a) as 
being unpatentable over Wu et al. (U.S. Patent No. 5774551) in view of Lafer et al. 
(U,S. Patent No. 6192382) and Travis et al. (U.S. Patent No. 6269367) and further in 
view of Object Oriented Programming as illustrated by Burroughs et al (U.S. Patent 
No. 5878411), Kumar etal. (U.S. Patent No. 6343287), Microsoft Press (Microsoft 
Press, "Computer Dictionary, 3'"^ edition, ISBN: 157231446X, 1997) and New Rider 
(New Rider, "Windows 98 Professional Reference", 

http://cma . zdnet. com/book/win98prfref/ch 1 5/ch 1 5. htm) . 

As per claims 8 and 10-1 1 Wu et al.'s invention is object-oriented system that uses a 
class factory (Wu et aL, col. 12 lines 4-19, 39-47, coL 13 lines 4-1 1). However, Wu 
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et al. do not explicitly teach instantiating one or more authentication objects based, 
at least in part, on the first data, and authentication objects callable by the 
authentication manager, and a data store that holds information associated with 
selectively instantiating the one or more authentication objects that can be callable 
by the authentication manager. However, these concepts are well known in the art. 
For example, Burroughs et ai disclose fundamentals of Object Oriented 
Programming: 

"A fundamental concept in OOP is the class. A class is a template or prototype that 
defines a type of object. A programmer may define a class by writing a section of 
code known as a class definition. An object is an instance of a class. An object is 
created or instantiated at run-time, i.e., when the computer executes a statement in 
the program calling for the instantiation of an object of a specified class. An object 
may include attributes or data as well as functions or methods. The class definition 
specifies the attributes and methods. The attributes are represented in an object by 
the values of instance variables" (Burroughs et al., col, 5 lines 15-25). 
15. Another example is provided by Kumar et ai who's invention involves 

"a mechanism, method, and computer program product for linking a profile service 
instance to a plurality of external data stores. External data store profile that "is 
created in the profile service that names the connector class. An external data store 
reference object is created in the profile service instance that identifies the external 
data store profile and a number of parameters that specify. particular data desired 
from the external data store. A profile within the profile service instance includes an 
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attribute that names the data store reference object. When the attribute is evaluated, 
the data store reference object is instantiated, optionally using parameters specified 
at runtime, and passed as a parameter to an instance of the data store connector 
class identified by the external data store profile" (Kumar et ai, col, 5 lines 10-32). 
In light of the above references it would have been obvious to one of ordinary skill in 
the art at the time of applicant's to register objects with the class factory and with the 
data store instantiating one or more authentication objects based, at least in part, on 
the first data, and authentication objects callable by the authentication manager, and 
a data store that holds information associated with selectively instantiating the one 
or more authentication objects callable by the authentication manager. One of 
ordinary skill in art at the time of applicant's invention would have employed such a 
modification to conform with and take a full advantage of object oriented design, as 
well as to ensure that the objects are known and utilized by the system. 
16. As per claims 12 and 25 Wu et al. do not explicitly teach that the applications do not 
have to be recoded or recompiled in order to employ the newly registered object" is 
acknowledged. 

However, as illustrated by Microsoft Press (dynamic link library, pg, 166) as well as 
the New Rider's "Windows 98 Professional Reference" reference (New Rider, 
"Understanding HKEY__CLASSES_ROOr section) disclose application that does 
not have to be recoded or recompiled to employ the registered objects were well 
known in the art and it would have been obvious to one of ordinary skill in the art at 
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the time of applicant's invention to incorporate such applications in order to speed up 
the applications' execution. 

17. As per claims 19-20 and 24 \Nu etal. teach that one or more authentication modules 
are "plugged" into and communicate with "pluggable account management" as 
objects (e.g. passing parameters, Fig. 1 and col. 13 line 53 col. 14 line 35) and it 
would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to keep updating the authentication solution disclosed by Wu et al. by 
extending available modules including additional authentication schemes modules. 
One of ordinary skill in the art would have been motivated to perform such a 
modification in order to accommodate new authentication protocols. 

18. As per claims 14-15 Wu etal.'s distributed authentication includes the computer 
facilitating the authentication, terminal and remote computers (Wu et al: Fig. 1). 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Peter Poltorak whose telephone number is (571 ) 272- 
3840. The examiner can normally be reached Monday through Thursday from 9:00 
a.m. to 4:00 p.m. and alternate Fridays from 9:00 a.m. to 3:30 p.m 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jacques Louis Jacques can be reached on (571 ) 272-6962. The fax phone 
number for the organization where this application or proceeding is assigned is (571) 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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